Submitted By:            Randy McMurchy <randy_at_linuxfromscratch_dot_org>
Date:                    2008-03-24
Initial Package Version: 8.15.4
Upstream Status:         In GPL Ghostscript SVN
Origin:                  http://bugs.gentoo.org/attachment.cgi?id=143467
Description:             Fixes a buffer overflow vulnerability


diff -Naur espgs-8.15.4-orig/src/zicc.c espgs-8.15.4/src/zicc.c
--- espgs-8.15.4-orig/src/zicc.c	2005-01-19 04:08:41.000000000 +0000
+++ espgs-8.15.4/src/zicc.c	2008-03-25 03:56:08.000000000 +0000
@@ -80,6 +80,9 @@
     dict_find_string(op, "N", &pnval);
     ncomps = pnval->value.intval;
 
+    if (2*ncomps > sizeof(range_buff)/sizeof(float))
+       return_error(e_rangecheck);
+
     /* verify the DataSource entry */
     if (dict_find_string(op, "DataSource", &pstrmval) <= 0)
         return_error(e_undefined);